The reason mentioned was "This server does not support Forward Secrecy with the reference browsers. Grade capped to B"

Why is it so?

When there are two suites (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)ECDH secp256r1 and TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)ECDH secp256r1) which have Forward Secrecy has been implemented, why SSL Labs is stating that the server does not support forward secrecy?

Why the grade is capped down when weak ciphers (as mention by SSL labs) are removed?

the grade is reduced to B because you're not also removing the even weaker TLS_RSA suites when you remove the TLS_ECDHE CBC suites, causing browsers that don't support GCM to use RSA key exchange instead of the better ECDHE key exchange. if you want to remove weak cipher suites, you should start with the weakest ones.

the grade is reduced to B because you're not also removing the even weaker TLS_RSA suites when you remove the TLS_ECDHE CBC suites, causing browsers that don't support GCM to use RSA key exchange instead of the better ECDHE key exchange. if you want to remove weak cipher suites, you should start with the weakest ones.